Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2013 Ran by User (administrator) on USER-65C0DE1DBA on 12-12-2013 16:36:06 Running from C:\Documents and Settings\User\Pulpit\Skanowanie Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (F-Secure Corporation) C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation) C:\Program Files\F-Secure\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (F-Secure Corporation) C:\Program Files\F-Secure\Common\FSHDLL32.EXE (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (F-Secure Corporation) C:\Program Files\F-Secure\Common\FSM32.EXE (Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe (F-Secure Corporation) C:\Program Files\F-Secure\FWES\program\fsdfwd.exe (F-Secure Corporation) C:\Program Files\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation) C:\Program Files\F-Secure\Anti-Virus\fssm32.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (F-Secure Corporation) C:\Program Files\F-Secure\Anti-Virus\fsav32.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [F-Secure Manager] - C:\Program Files\F-Secure\Common\FSM32.EXE [201384 2011-08-16] (F-Secure Corporation) HKLM\...\Run: [F-Secure TNB] - C:\Program Files\F-Secure\FSGUI\tnbutil.exe [1655464 2011-08-16] (F-Secure Corporation) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.) HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation) HKCU\...\Run: [AlcoholAutomount] - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) IFEO\Your Image File Name Here without a path: [Debugger] Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) Startup: C:\Documents and Settings\User\Menu Start\Programy\Autostart\TorpedoCopy.lnk ShortcutTarget: TorpedoCopy.lnk -> D:\Torpedo\Torpedo.exe (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {3A3F69D4-312A-4349-BAE5-287F8165D0C1} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^PL&apn_uid=746CB176-ACBE-4BAF-B47C-692EF0DC1A25&apn_sauid=592875A3-B0DB-498B-BC6B-47FDA8536C0A BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PakietOffice\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) BHO: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation) Toolbar: HKLM - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1 Tcpip\..\Interfaces\{B4471493-0386-4324-97C1-97D97E989D2A}: [NameServer]62.179.1.62,62.179.1.63 FireFox: ======== FF ProfilePath: C:\Documents and Settings\User\Dane aplikacji\Mozilla\Firefox\Profiles\lp55ayqd.default-1386799921984 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\PAKIET~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\PAKIET~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF HKLM\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files\F-Secure\NRS\litmus-ff@f-secure.com FF Extension: Browsing Protection - C:\Program Files\F-Secure\NRS\litmus-ff@f-secure.com FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ========================== Services (Whitelisted) ================= S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-09-23] () S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) R2 F-Secure Gatekeeper Handler Starter; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [221864 2011-08-16] (F-Secure Corporation) R3 FSDFWD; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [524968 2011-08-16] (F-Secure Corporation) R2 FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [189096 2011-08-16] (F-Secure Corporation) R3 FSORSPClient; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-05] (F-Secure Corporation) S4 HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company) S4 HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== R3 Cap7134; C:\Windows\System32\DRIVERS\Cap7134.sys [346304 2010-04-10] (AVerMedia TECHNOLOGIES, Inc.) S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) R3 F-Secure Gatekeeper; C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [145856 2013-07-10] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [70184 2011-08-16] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2012-08-19] () R0 FSFW; C:\Windows\System32\drivers\fsdfw.sys [82120 2011-08-16] (F-Secure Corporation) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP) R0 JGOGO; C:\Windows\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron ) R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [38016 2006-02-15] (JMicron Technology Corp.) S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 PhTVTune; C:\Windows\System32\DRIVERS\PhTVTune.sys [54304 2010-04-10] (AVerMedia TECHNOLOGIES, Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-13] (Duplex Secure Ltd.) U3 axjv0oub; C:\Windows\System32\Drivers\axjv0oub.sys [0 ] (JMicron Technology Corp.) S3 catchme; \??\C:\DOCUME~1\User\USTAWI~1\Temp\catchme.sys [x] S4 IntelIde; No ImagePath U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-12 12:24 - 2013-12-12 12:27 - 00013850 _____ C:\WINDOWS\KB2898785-IE8.log 2013-12-12 12:22 - 2013-12-12 12:22 - 00005477 _____ C:\WINDOWS\KB2904266.log 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2013-12-12 12:21 - 2013-12-12 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2013-12-12 12:21 - 2013-12-12 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2013-12-12 11:10 - 2013-12-12 12:22 - 00010698 _____ C:\WINDOWS\KB2898715.log 2013-12-12 11:10 - 2013-12-12 12:22 - 00009501 _____ C:\WINDOWS\KB2893294.log 2013-12-12 11:09 - 2013-12-12 12:21 - 00010255 _____ C:\WINDOWS\KB2893984.log 2013-12-12 11:09 - 2013-12-12 12:21 - 00008951 _____ C:\WINDOWS\KB2892075.log 2013-12-11 23:17 - 2013-12-11 23:23 - 00000000 ____D C:\AdwCleaner 2013-12-11 23:12 - 2013-12-11 23:12 - 00000000 ____D C:\Documents and Settings\User\Pulpit\Stare dane programu Firefox 2013-12-10 19:08 - 2013-12-12 16:35 - 00000000 ____D C:\FRST 2013-12-10 19:07 - 2013-12-12 16:36 - 00000000 ____D C:\Documents and Settings\User\Pulpit\Skanowanie 2013-12-05 18:43 - 2013-12-05 18:43 - 00030033 _____ C:\Documents and Settings\User\Pulpit\dotychczasowemateriayzhistoriijzyka.zip 2013-12-04 19:52 - 2013-12-09 21:28 - 00000000 ____D C:\Documents and Settings\User\Moje dokumenty\Moje zeskanowane obrazy 2013-12-03 20:07 - 2013-12-03 20:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\InstallMate 2013-12-03 20:05 - 2013-12-03 20:05 - 00322016 _____ (QuickSet) C:\Documents and Settings\User\Pulpit\make friends with false friends PB pdf.exe 2013-12-01 11:31 - 2013-12-01 11:31 - 05292073 _____ C:\Documents and Settings\User\Pulpit\fwdspeakingclass2crime.zip 2013-11-29 09:51 - 2013-11-29 09:51 - 06383155 _____ C:\Documents and Settings\User\Pulpit\hel.rar 2013-11-15 23:11 - 2013-11-16 12:17 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-13 23:57 - 2013-11-13 23:57 - 00008904 _____ C:\WINDOWS\KB2900986.log 2013-11-13 23:57 - 2013-11-13 23:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2013-11-13 23:57 - 2013-11-13 23:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$ 2013-11-13 23:56 - 2013-11-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$ 2013-11-13 23:56 - 2013-11-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$ 2013-11-13 23:52 - 2013-11-13 23:54 - 00011409 _____ C:\WINDOWS\KB2888505-IE8.log 2013-11-13 18:17 - 2013-11-13 23:57 - 00014549 _____ C:\WINDOWS\KB2868626.log 2013-11-13 18:17 - 2013-11-13 23:56 - 00013575 _____ C:\WINDOWS\KB2862152.log 2013-11-13 18:17 - 2013-11-13 23:56 - 00013049 _____ C:\WINDOWS\KB2876331.log ==================== One Month Modified Files and Folders ======= 2013-12-12 16:36 - 2013-12-10 19:07 - 00000000 ____D C:\Documents and Settings\User\Pulpit\Skanowanie 2013-12-12 16:35 - 2013-12-10 19:08 - 00000000 ____D C:\FRST 2013-12-12 16:33 - 2010-03-08 15:33 - 01186640 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-12 16:30 - 2010-03-08 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-12-12 16:29 - 2013-06-10 21:37 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job 2013-12-12 16:29 - 2013-06-05 19:26 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2013-12-12 16:29 - 2010-03-08 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-12-12 16:29 - 2010-03-08 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-12 16:29 - 2008-09-24 02:38 - 00055160 _____ C:\WINDOWS\system32\ativvaxx.cap 2013-12-12 16:27 - 2010-03-08 15:46 - 00000188 ___SH C:\Documents and Settings\User\ntuser.ini 2013-12-12 16:27 - 2010-03-08 15:40 - 00032426 _____ C:\WINDOWS\SchedLgU.Txt 2013-12-12 16:22 - 2010-03-10 21:29 - 00000000 ____D C:\Documents and Settings\User\Moje dokumenty\Pobieranie 2013-12-12 16:14 - 2013-02-18 16:41 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-12-12 12:45 - 2010-03-08 16:20 - 00332280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-12 12:44 - 2013-09-27 07:14 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt 2013-12-12 12:28 - 2013-09-26 22:34 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2013-12-12 12:27 - 2013-12-12 12:24 - 00013850 _____ C:\WINDOWS\KB2898785-IE8.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00122017 _____ C:\WINDOWS\iis6.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00111897 _____ C:\WINDOWS\FaxSetup.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00056068 _____ C:\WINDOWS\ocgen.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00052692 _____ C:\WINDOWS\tsoc.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00037948 _____ C:\WINDOWS\comsetup.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00035266 _____ C:\WINDOWS\msmqinst.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00023273 _____ C:\WINDOWS\ntdtcsetup.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00020003 _____ C:\WINDOWS\netfxocm.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00007944 _____ C:\WINDOWS\MedCtrOC.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00007031 _____ C:\WINDOWS\ocmsn.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00005742 _____ C:\WINDOWS\tabletoc.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00005732 _____ C:\WINDOWS\msgsocm.log 2013-12-12 12:27 - 2013-10-09 10:30 - 00001393 _____ C:\WINDOWS\imsins.log 2013-12-12 12:26 - 2013-10-09 10:31 - 00013100 _____ C:\WINDOWS\updspapi.log 2013-12-12 12:22 - 2013-12-12 12:22 - 00005477 _____ C:\WINDOWS\KB2904266.log 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$ 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$ 2013-12-12 12:22 - 2013-12-12 12:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$ 2013-12-12 12:22 - 2013-12-12 11:10 - 00010698 _____ C:\WINDOWS\KB2898715.log 2013-12-12 12:22 - 2013-12-12 11:10 - 00009501 _____ C:\WINDOWS\KB2893294.log 2013-12-12 12:22 - 2013-10-09 10:30 - 00001393 _____ C:\WINDOWS\imsins.BAK 2013-12-12 12:22 - 2010-11-23 00:03 - 00043792 _____ C:\WINDOWS\system32\TZLog.log 2013-12-12 12:21 - 2013-12-12 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$ 2013-12-12 12:21 - 2013-12-12 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$ 2013-12-12 12:21 - 2013-12-12 11:09 - 00010255 _____ C:\WINDOWS\KB2893984.log 2013-12-12 12:21 - 2013-12-12 11:09 - 00008951 _____ C:\WINDOWS\KB2892075.log 2013-12-12 00:00 - 2010-07-26 17:15 - 00000538 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job 2013-12-11 23:23 - 2013-12-11 23:17 - 00000000 ____D C:\AdwCleaner 2013-12-11 23:23 - 2010-03-08 15:46 - 00000000 ___RD C:\Documents and Settings\User\Menu Start\Programy 2013-12-11 23:23 - 2010-03-08 15:46 - 00000000 ____D C:\Documents and Settings\User\Pulpit 2013-12-11 23:22 - 2010-03-08 16:21 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2013-12-11 23:22 - 2010-03-08 15:46 - 00000000 __RHD C:\Documents and Settings\User\Dane aplikacji 2013-12-11 23:22 - 2010-03-08 15:46 - 00000000 ___HD C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji 2013-12-11 23:12 - 2013-12-11 23:12 - 00000000 ____D C:\Documents and Settings\User\Pulpit\Stare dane programu Firefox 2013-12-11 10:38 - 2013-10-15 18:09 - 00000000 ____D C:\Documents and Settings\User\Pulpit\prezentacja tdt 2013-12-10 18:48 - 2008-04-15 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2013-12-10 18:41 - 2013-10-09 10:29 - 00017238 _____ C:\WINDOWS\setupapi.log 2013-12-10 18:41 - 2010-03-08 16:23 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2013-12-10 18:28 - 2008-04-15 13:00 - 00102704 _____ C:\WINDOWS\system32\perfc015.dat 2013-12-10 18:28 - 2008-04-15 13:00 - 00013260 _____ C:\WINDOWS\system32\perfh015.dat 2013-12-10 18:19 - 2010-03-08 16:23 - 00018090 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-09 21:28 - 2013-12-04 19:52 - 00000000 ____D C:\Documents and Settings\User\Moje dokumenty\Moje zeskanowane obrazy 2013-12-09 20:23 - 2012-11-08 19:03 - 00000000 ____D C:\WINDOWS\system32\cache 2013-12-05 18:43 - 2013-12-05 18:43 - 00030033 _____ C:\Documents and Settings\User\Pulpit\dotychczasowemateriayzhistoriijzyka.zip 2013-12-05 18:43 - 2012-11-25 20:00 - 00000000 ____D C:\Documents and Settings\User\Pulpit\LSW 2013-12-04 19:52 - 2010-03-08 15:46 - 00000000 ___RD C:\Documents and Settings\User\Moje dokumenty 2013-12-04 11:46 - 2010-03-09 10:33 - 00000000 ____D C:\Documents and Settings\User\Pulpit\kopia 2013-12-04 09:22 - 2011-07-22 18:35 - 00000000 ____D C:\Documents and Settings\User\Pulpit\BOK 2013-12-03 23:11 - 2013-11-07 09:58 - 00000000 ____D C:\Documents and Settings\User\Pulpit\III rok LSW 2013-12-03 20:07 - 2013-12-03 20:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\InstallMate 2013-12-03 20:05 - 2013-12-03 20:05 - 00322016 _____ (QuickSet) C:\Documents and Settings\User\Pulpit\make friends with false friends PB pdf.exe 2013-12-01 11:31 - 2013-12-01 11:31 - 05292073 _____ C:\Documents and Settings\User\Pulpit\fwdspeakingclass2crime.zip 2013-11-29 09:51 - 2013-11-29 09:51 - 06383155 _____ C:\Documents and Settings\User\Pulpit\hel.rar 2013-11-29 09:35 - 2012-10-13 19:26 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2013-11-23 11:10 - 2012-11-10 23:22 - 00000000 ____D C:\Documents and Settings\User\Pulpit\DI 2013-11-19 17:10 - 2010-08-04 17:04 - 00000000 ____D C:\Documents and Settings\User\Pulpit\Moje zeskanowane obrazy 2013-11-19 15:30 - 2010-03-10 20:13 - 00000000 __SHD C:\Documents and Settings\User\UserData 2013-11-19 15:23 - 2010-03-08 16:40 - 00090512 _____ C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2013-11-16 14:34 - 2010-03-22 22:47 - 00000000 ____D C:\Documents and Settings\User\Dane aplikacji\vlc 2013-11-16 14:25 - 2010-03-08 17:39 - 00034816 _____ C:\Documents and Settings\User\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-16 14:16 - 2010-03-22 22:48 - 00000000 ____D C:\Documents and Settings\User\Dane aplikacji\dvdcss 2013-11-16 12:17 - 2013-11-15 23:11 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-16 12:17 - 2012-04-25 16:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-11-13 23:57 - 2013-11-13 23:57 - 00008904 _____ C:\WINDOWS\KB2900986.log 2013-11-13 23:57 - 2013-11-13 23:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2013-11-13 23:57 - 2013-11-13 23:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$ 2013-11-13 23:57 - 2013-11-13 18:17 - 00014549 _____ C:\WINDOWS\KB2868626.log 2013-11-13 23:56 - 2013-11-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$ 2013-11-13 23:56 - 2013-11-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$ 2013-11-13 23:56 - 2013-11-13 18:17 - 00013575 _____ C:\WINDOWS\KB2862152.log 2013-11-13 23:56 - 2013-11-13 18:17 - 00013049 _____ C:\WINDOWS\KB2876331.log 2013-11-13 23:54 - 2013-11-13 23:52 - 00011409 _____ C:\WINDOWS\KB2888505-IE8.log 2013-11-13 23:52 - 2013-08-14 11:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-11-13 23:49 - 2010-11-23 14:33 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-11-13 04:00 - 2008-04-15 13:00 - 00150528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imagehlp.dll 2013-11-13 04:00 - 2008-04-15 13:00 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2013-11-13 02:13 - 2008-04-15 13:00 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-15 13:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================